2 matches found
CVE-2008-0428
Multiple SQL injection vulnerabilities in the login function in system/classpermissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter to admin/index.php...
CVE-2008-0428
Multiple SQL injection vulnerabilities in the login function of bloofoxCMS 0.3 (system/class_permissions.php) allow remote attackers to inject arbitrary SQL via the username or password parameters to admin/index.php. Affects the login routine due to improper input sanitization; documented under C...